Static task: static1

Behavioral task: behavioral1
Sample: 5399bf85858bc781b7691ebf3ccc70f1_JaffaCakes118.exe
Resource: win7-20240903-en

Behavioral task: behavioral2
Sample: 5399bf85858bc781b7691ebf3ccc70f1_JaffaCakes118.exe
Resource: win10v2004-20241007-en
General
Target: 5399bf85858bc781b7691ebf3ccc70f1_JaffaCakes118
Size: 168KB
MD5: 5399bf85858bc781b7691ebf3ccc70f1
SHA1: 5a749cbad62713b8229d1f3242d87b4c03ce86a4
SHA256: 795c5b2539321bc8b882e4d461d4082e6754d866b0d62504e368af96aba6b7ee
SHA512: 7ef0d92336109d87d0c356f9d60317e2289abe5d19f7d02078f2a52ad0e59f23e0599f20a7e1dc5d73eca9880da552020554f7ef6852e2b73030cf55923067d8
SSDEEP: 3072:j4MYtdYdfjsPdv0yM5ilf9lWhwcJCAfMerF41sUL0Gnf+xlX5VOHIbGJeQOeMS4:DYE94Fv0st9lO1J7fVS1DLANVOHkQOhj
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 5399bf85858bc781b7691ebf3ccc70f1_JaffaCakes118
Files
5399bf85858bc781b7691ebf3ccc70f1_JaffaCakes118.exe windows:4 windows x86 arch:x86
8b4ad2ee4bea746dc6aa543d92898eb5
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED
Imports
kernel32
GetModuleHandleA
VirtualProtect
GetProcAddress
HeapCreate
HeapDestroy
HeapFree
HeapAlloc
RtlUnwind
LCMapStringA
LoadLibraryA
CreateFileA
CloseHandle
GetCurrentProcess
ExitProcess
user32
CreateWindowExA
SetWindowLongA
wsprintfA
CloseWindow
CharLowerBuffA
advapi32
RegEnumKeyA
RegEnumValueA
RegSetValueA
RegCloseKey
RegQueryValueA
RegDeleteKeyA
RegOpenKeyA
RegDeleteValueA
RegCreateKeyA
Sections
.text Size: 149KB - Virtual size: 152KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.data Size: 8KB - Virtual size: 5KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 4KB - Virtual size: 3KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ